2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
10 #include <afsconfig.h>
11 #include <afs/param.h>
16 #include <security/pam_appl.h>
22 static int my_conv(int num_msg, struct pam_message **msg,
23 struct pam_response **response, void *appdata_ptr);
26 static struct pam_conv pam_conv = { &my_conv, NULL };
29 static pam_handle_t *pamh;
32 static const char *service = "afstest";
33 static const char *new_envstring = "GOTHEREVIATESTPAM=1";
34 static const char *new_homestring = "HOME=/tmp";
36 #if defined(AFS_LINUX20_ENV) || defined(AFS_FBSD_ENV)
37 #define getpassphrase getpass
41 void main(int argc, char *argv[])
43 int authenticated = 0;
47 if (argc < 2 || argc > 3) {
48 fprintf(stderr, "Usage: %s [-u] <user>\n", argv[0]);
52 if (strcmp(argv[1], "-u") != 0) {
53 fprintf(stderr, "Usage: %s [-u] <user>\n", argv[0]);
62 if ((retcode = pam_start(service, username,
63 &pam_conv, &pamh)) != PAM_SUCCESS) {
64 fprintf(stderr, "PAM error %d\n", retcode);
68 authenticated = ((retcode = pam_authenticate(pamh, 0)) == PAM_SUCCESS);
71 fprintf(stderr, "PAM couldn't authenticate you.\n");
72 pam_end(pamh, PAM_ABORT);
76 if ((retcode = pam_acct_mgmt(pamh, 0)) != PAM_SUCCESS) {
77 fprintf(stderr, "pam_acct_mgmt returned %d.\n", retcode);
78 pam_end(pamh, PAM_ABORT);
82 /* pam_open_session */
84 if ((retcode = pam_setcred(pamh, PAM_ESTABLISH_CRED)) != PAM_SUCCESS) {
85 fprintf(stderr, "pam_setcred returned %d.\n", retcode);
86 pam_end(pamh, PAM_ABORT);
90 pam_end(pamh, PAM_SUCCESS);
92 putenv(new_envstring);
93 putenv(new_homestring);
95 printf("Type exit to back out.\n");
96 execl("/bin/csh", "/bin/csh", NULL);
100 static int my_conv(int num_msg, struct pam_message **msg,
101 struct pam_response **response, void *appdata_ptr)
103 struct pam_message *m;
104 struct pam_response *r;
109 *response = calloc(num_msg, sizeof(struct pam_response));
110 if (*response == NULL) return PAM_BUF_ERR;
117 switch(m->msg_style) {
118 case PAM_PROMPT_ECHO_OFF:
120 /* ON HP's we still read 8 chars */
121 if (r) r->resp = strdup(getpass(m->msg));
123 if (r) r->resp = strdup(getpassphrase(m->msg));
126 case PAM_PROMPT_ECHO_ON:
127 fputs(m->msg, stdout);
129 r->resp = malloc(PAM_MAX_RESP_SIZE);
130 fgets(r->resp, PAM_MAX_RESP_SIZE, stdin);
131 r->resp[PAM_MAX_RESP_SIZE-1] = '\0';
132 p = &r->resp[strlen(r->resp)-1];
133 while (*p == '\n' && p >= r->resp) *(p--) = '\0';
137 fputs(m->msg, stderr);
140 fputs(m->msg, stdout);